Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2023-26573

Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials. Zafiyet ile…

Devamını oku

CVE-2023-26574

Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2023-26575

Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student and teacher data by unauthenticated attackers. Zafiyet ile…

Devamını oku

CVE-2023-26576

Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2023-26577

Stored cross-site scripting in the IDAttend’s IDWeb application 3.1.052 and earlier allows attackers to hijack the browsing session of the logged in user. Zafiyet ile…

Devamını oku

CVE-2023-26578

Arbitrary file upload to web root in the IDAttend’s IDWeb application 3.1.013 allows authenticated attackers to upload dangerous files to web root such as ASP…

Devamını oku

CVE-2023-26579

Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows deletion of staff information by unauthenticated attackers. Zafiyet ile ilgili Genel Bilgi, Etki…

Devamını oku

CVE-2023-26580

Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the retrieval of any file present on the web server by unauthenticated attackers. Zafiyet…

Devamını oku

CVE-2023-25032

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Print, PDF, Email by PrintFriendly plugin <= 5.5.1 versions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Devamını oku